

.phony: all resetCA %
all: server client

ca/privatekey.pem: ca/cert.pem
	echo "Avoid letting ca/privatekey.pem match %"

ca/cert.pem: 
	mkdir ca
	echo "Create CA"
	echo "01" > "ca/serial"
	touch "ca/index.txt"
	openssl req -new -x509 -days 100 -extensions v3_ca -keyout ca/privatekey.pem -out ca/cert.pem -passin pass:datasakerhet

resetCA:
	$(RM) ca/index.* ca/serial*
	touch "ca/index.txt"
	echo "01" > "ca/serial"

%: ca/cert.pem ca/privatekey.pem
	mkdir "$*"
	echo "Creating stuff for $*"
	keytool -genkeypair -keypass datasakerhet -storepass datasakerhet -keystore "$*/keystore" -validity 100
	keytool -certreq -file "$*/certreq.csr" -keystore "$*/keystore" -keypass datasakerhet -storepass datasakerhet
	openssl ca -config ./openssl.cnf -policy policy_anything -keyfile "ca/privatekey.pem" -cert "ca/cert.pem" -passin pass:datasakerhet -days 100 -outdir "./$*" -out "$*/cert.crt" -in "$*/certreq.csr"
	openssl x509 -in "$*/cert.crt" -out "$*/cert.der" -outform DER -passin pass:datasakerhet
	keytool -importcert -alias ca_cert -file "ca/cert.pem" -keystore "$*/keystore" -storepass datasakerhet
	keytool -importcert -file "$*/cert.der" -keystore "$*/keystore" -storepass datasakerhet
